RSS   Vulnerabilities for 'Aes encryption module'   RSS

2011-02-07
 
CVE-2011-0899

CWE-DesignError
 

 
The AES encryption module 7.x-1.4 for Drupal leaves certain debugging code enabled in release, which records the plaintext password of the last logged-in user and allows remote attackers to gain privileges as that user.

 


Copyright 2017, cxsecurity.com